<?php
require_once('config.inc.php');//$pdo; $uid; ROOT
//print_r($_POST);
//file_put_contents('update.txt', $_POST);
//sleep(10);
// 非法操作
if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['code'])){
	$result['success'] = 0;
	$result['msg'] = '非法操作!请认真填写好用户名及密码!';
	die(json_encode($result));
}
if(strtolower($_POST['code']) != strtolower($_SESSION['verify'])){
	$result['success'] = 0;
	$result['msg'] = '验证码不正确!';
	die(json_encode($result));
}

$uname = trim($_POST['username']);
$pwd = trim($_POST['password']);

$sql = "SELECT uid,uname,email,power,cdate,bz FROM kp_usr WHERE (uname=? OR email=?) AND upwd = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$uname,$uname,$pwd]);
//$stmt_rows = $stmt->rowCount();//获取查询结果行数
//拿到查询结果(二维数组)
$result_all = $stmt->fetchAll(PDO::FETCH_ASSOC);
//拿到结果的行数
$result_rows = count($result_all);
//print_r($result_all);
/*while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
    print_r($row);
}*/

//登陆成功,写入SESSION
if($result_rows == 1){
	$_SESSION['user'] = $result_all[0];
	$result['success'] = 1;
	$result['msg'] = '登陆成功!';
}else{
	$result['success'] = 0;
	$result['msg'] = '登陆失败,请核对[用户or邮箱]或[密码]!';
}
die(json_encode($result));






?>